This page provides advice and guidance for queries on suspicious activity related to customer accounts.
We have investigated isolated incidents where accounts have been fraudulently accessed.
We understand a small number of customers’ login details have been acquired outside of Wiggle’s systems and some have been used to gain access to Wiggle accounts and purchases made.
We have taken steps to identify these compromised accounts and we are individually contacting these customers.
All impacted customers will be refunded.
We are aware that where customers utilise the same password across multiple websites, fraudsters with access to some details can feasibly use these to try and gain access to genuine customer accounts.
We recommend our customers change their password if they have any concerns. We would like to assure our customers we are prioritising all enquiries related to this issue.
We would like to remind customers that data security is of the utmost importance to us.
Wiggle has now implemented additional security measures to help better protect your information.
- Wiggle has contacted all account holders who have made changes to their Wiggle Account access details in the last 31 days as a precaution.
- We have temporarily locked these accounts and are verifying with account holders that changes made are genuine.
- We have reset passwords for all accounts that may have been targeted by fraudulent activity.
- We have created an additional wall of security by asking all customers to re-enter their card details before making their next purchase.
- We have voluntarily made contact with the Information Commissioners Office and will continue working within their guidelines.
- We have issued public statements on social media and to media outlets outlining the situation to customers and asking them to update their password as a precaution.
We will continue to monitor the situation closely and will contact customers if there are any further significant updates.
Account security remains of the upmost importance to Wiggle and we will continue our work to ensure the safety and security of our customers’ data.
Our systems remain robust, up-to-date, and we are consistently and frequently adding additional protections to ensure your information is safe.
Here are just some of the steps we take to ensure your details are secured:
- Your account details are stored on a secured and encrypted database, hosted in a private, restricted, and dedicated data centre in the UK.
- Your credit card details are not held on our site. They are encrypted and not visible or accessible even if fraudsters acquire your login details from a source outside of Wiggle.
- We have automated and instant alerts letting you know if your account details have been changed.
- To protect our customers, all accounts will require the re-entry of card details for the next purchase.
Following some isolated incidents, we are adding additional layers of security and doing everything we can to reduce the risk of fraudulent activity.
However, to protect yourself further, here are some additional steps you can take to ensure your current logins are safe.
- Check your email address against existing data breach databases, such as https://haveibeenpwned.com/ .
- Use different passwords for different sites, especially for banking and shopping.
- Use strong passwords.
- Only use sites with URLs beginning with “HTTPS:”.
- Update your password regularly. You can update your Wiggle password here
- Update the software on all your devices.
- Should your email account be reported as compromised, we would highly recommend that you reset your email account password.
- If you notice any suspicious activity alert our specialist account services team at AccountSecurity@wiggle.com.
We apologise to affected customers and are taking additional steps to increase security and our response times in cases of account security issues.
We will do everything we can to keep customers informed of any changes to the situation.
In the meantime, we will continue to put our customers’ safety and security first and work hard to keep your information protected.
If you have been affected, or notice activity on your account that you do not recognise, you can contact Wiggle’s account security experts at AccountSecurity@wiggle.com, giving you priority access to our team dedicated to account security issues.